What is the best practice of keeping the user logged in after the application is closed and reopened?

  • Thread starter: avivgood

avivgood

Guest
I have a WinForms app that has a login option: the login data is just email and password. When the user logs in, I want the program to "remember" the last user that logged in (if he didn't log out) and use this information the next time he opens the app. I can just put it in a text file, but text files can be changed by anyone to anything else, so the user can access every single account in the DB, even if he is not authorized. If I add the password to the text file (and then run checks on whether the password in the text file matches the password in the DB), then the password will be exposed to everyone who can access the computer. (You may say "well, if he can access the computer he can log into the account anyway", but if he doesn't know the password he can't steal the account - just make changes.) Encrypting the password in the text file won't work as well, because the attacker has limitless tries to decrypt the password. What is the best practice for such problems?
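
Added example, not part of the original post: one common alternative to saving the email or password locally is to save only a random token issued after login, with the server keeping a hash of it. The `RememberTokenStore` class, its in-memory dictionary standing in for the DB, and the sample addresses are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Hypothetical stand-in for the server/DB side; every name here is an assumption.
class RememberTokenStore
{
    // SHA-256(token) -> (email, expiry). Only the hash is kept server-side,
    // so a leaked table cannot be replayed as valid tokens.
    private readonly Dictionary<string, Tuple<string, DateTime>> _rows =
        new Dictionary<string, Tuple<string, DateTime>>();

    private static string Hash(string token)
    {
        using (var sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(token)));
    }

    // Called once, right after a successful email + password login.
    public string Issue(string email, TimeSpan lifetime)
    {
        var raw = new byte[32]; // 256 random bits: nothing to guess or brute-force offline
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(raw);
        string token = Convert.ToBase64String(raw);
        _rows[Hash(token)] = Tuple.Create(email, DateTime.UtcNow + lifetime);
        return token; // the only value the client writes to its local file
    }

    // Called at startup with whatever the local file contains.
    public string Resolve(string token)
    {
        Tuple<string, DateTime> row;
        if (token == null || !_rows.TryGetValue(Hash(token), out row)) return null;
        if (row.Item2 < DateTime.UtcNow) { _rows.Remove(Hash(token)); return null; }
        return row.Item1; // identity comes from the server row, never from the file
    }

    // Called on logout so the saved file becomes worthless.
    public void Revoke(string token) { if (token != null) _rows.Remove(Hash(token)); }
}

static class Demo
{
    static void Main()
    {
        var store = new RememberTokenStore();
        string saved = store.Issue("alice@example.com", TimeSpan.FromDays(30)); // constructed account
        Console.WriteLine(store.Resolve(saved) ?? "login required");             // untouched file
        Console.WriteLine(store.Resolve("bob@example.com") ?? "login required"); // file edited by hand
        store.Revoke(saved);                                                     // user logs out
        Console.WriteLine(store.Resolve(saved) ?? "login required");
    }
}
```

Because the file holds neither an email nor a password, editing it cannot select another account, and a copied token can be revoked without changing the password.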
